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DETAILED ACTION 

Response to Arguments 

1 . Applicant's arguments, see Remarks, filed November 1 , 2010, with respect to 
112 have been fully considered and are persuasive. The rejection of claims 14-21 
and 61 - 64 under 112 second paragraph has been withdrawn. 

2. Applicant's arguments, with respect to 101 have been fully considered and are 
persuasive. The rejection of claims 22 - 24, 26 - 28 and 65 - 68 under 1 01 has been 
withdrawn. 

3. Applicant's arguments with respect to the Arthan reference have been fully 
considered but they are not persuasive. Applicant argues that Arthan fails to teach that 
the private key is output from the central system while another key is retained and used 
by the central system. However, Arthan teaches both a current key and spare key are 
generated and that the spare key is held securely until it is called up as required 
(column 4, lines 20-31 ). Therefore it would have been obvious that the current key is 
retained and used by the system, while the spare key is held securely remotely until it is 
called up. 

4. Applicant argues that Arthan fails to teach creating a second private key 
associated with the first private key. Applicant argues that being pre-generated does not 
suggest that the second private key is associated with the first private key. However, 
Arthan states that the public and private keys are generated in pairs and that when the 
current key is compromised the spare key is used (column 4, lines 20-30). The keys 
being generated in pairs suggests that they are associated, and since the spare key is 
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used once the current key is compromised shows that the keys are associated since 
one is used to replace the other. 

5. Applicant argues that Arthan fails to teach that the second private key can be 
used when there is no access to the first private key. However, Arthan teaches that the 
spare private key is used when the current private key is compromised (column 4, lines 
15-22). To one of ordinary skill in the art, it would have been obvious that a compromise 
would include having the private key stolen. Therefore, Arthan teaches that the spare 
key is used when there is no access to the first private key. 

6. Applicant's arguments with respect to the second private key not being stored on 
the mobile user device have been considered but are moot in view of the new ground(s) 
of rejection. 

Claim Rejections - 35 USC § 103 

1 . Claims 50, and 56 are rejected under 35 U.S.C. 1 03(a) as being unpatentable 
over Arthan et al's US Patent 6,782,103 B1, and in view of Kurn et al's US Publication 
2002/0071561 A1. 

2. Referring to claim 50, Arthan teaches: 

a. A processor configured to generate a first private key and corresponding 
first public key, generate a second private key associated with the first private 
key and to create a second public key corresponding to the second private key 
(column 4, lines 25-30). 
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b. A storage medium coupled to the processor to store the first private key 
(column 2, lines 48-50). 

c. A transmitter to output the second private key such that it can be used 
when there is no access to the first private key wherein the first private key is 
disabled when the second private key is recreated and used for authentication 
(column 4, lines 25-32). 

d. Output the first public key and the second public key to a verifier device 
(column 4, lines 18-20). 

e. Wherein the processor uses the first private key for authentication of the 
device (column 4, lines 12-14). 

3. Arthan fails to teach transmitting a plurality of shares of the private key to a 
plurality of different entities such that it can be recreated while the private key is not 
stored on the device. However, Kurn teaches that the protection key is split among 
multiple individuals (paragraph 89) and that after the key is encoded, the protection key 
is erased from the computer memory (paragraph 102). Arthan and Kurn are analogous 
art because they are from the same field of endeavor, cryptography. At the time of the 
invention, it would have been obvious to one of ordinary skill in the art, having the 
teachings of Arthan and Kurn before him or her, to modify the system of Arthan to 
include the key split of Kurn. The suggestion/motivation for doing so would have been 
so that no one individual can produce the key (paragraph 27). 

4. Referring to claim 56, Arthan teaches the second private key is removed from the 
user device upon transmission of the second private key (column 4, lines 30-32). 
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5. Arthan fails to teach transmitting a plurality of shares of the private key to a 
plurality of different entities such that it can be recreated while the private key is not 
stored on the device. However, Kurn teaches that the protection key is split among 
multiple individuals (paragraph 89) and that after the key is encoded, the protection key 
is erased from the computer memory (paragraph 102). Arthan and Kurn are analogous 
art because they are from the same field of endeavor, cryptography. At the time of the 
invention, it would have been obvious to one of ordinary skill in the art, having the 
teachings of Arthan and Kurn before him or her, to modify the system of Arthan to 
include the key split of Kurn. The suggestion/motivation for doing so would have been 
so that no one individual can produce the key (paragraph 27). 

6. Claims 1 -3, 5-9, 11 - 14, 16-24, 26-28, 51, and 53-55 are rejected under 
35 U.S.C. 103(a) as being unpatentable over Arthan et al's US Patent 6,782,103 B1, 
and in view of Kurn et al's US Publication 2002/0071 561 A1 and further in view of 
Hansmann et al's US Publication 2002/0018570 A1 . 

7. Referring to claims 1,14 and 22, Arthan teaches: 

f. Creating a first private key and corresponding public key (column 4, lines 
25-30). 

g. Creating a second private key associated with the first private key and 
creating a second public key corresponding to the second private key (column 4, 
lines 25-30). 
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h. Outputting the second private key while retaining the first private key 
(column 4, lines 30-32) such that the first private key is inaccessible (column 5, 
lines 30-35). 

i. Transmitting the first public key and the second public key to a verifier 
device (column 4, lines 18-20). 

j. Using the first private key for authentication (column 4, lines 1 5-1 6). 

8. Arthan fails to teach transmitting a plurality of shares of the private key to a 
plurality of different entities such that it can be recreated while the private key is not 
stored on the device. However, Kurn teaches that the protection key is split among 
multiple individuals (paragraph 89) and that after the key is encoded, the protection key 
is erased from the computer memory (paragraph 102). Arthan and Kurn are analogous 
art because they are from the same field of endeavor, cryptography. At the time of the 
invention, it would have been obvious to one of ordinary skill in the art, having the 
teachings of Arthan and Kurn before him or her, to modify the system of Arthan to 
include the key split of Kurn. The suggestion/motivation for doing so would have been 
so that no one individual can produce the key (paragraph 27). 

9. Arthan in view of Kurn fails to teach a mobile user device. However, Hansmann 
teaches authenticating devices, the devices including mobile phones (paragraphs 27- 
28). Arthan in view of Kurn and Hansmann are analogous art because they are from the 
same field of endeavor, cryptography. At the time of the invention, it would have been 
obvious to one of ordinary skill in the art, having the teachings of Arthan in view of Kurn 
and Hansmann before him or her, to modify the system of Arthan in view of Kurn to 
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include the mobile phone of Hansmann. The suggestion/motivation for doing so would 
have been mobile phones are well known devices used for communication. 

10. Referring to claims 2 and 23, Kurn teaches: 

k. Creating at least two shares of the private key at the device (paragraph 
89). 

I. Outputting each share to a different entity (paragraph 89). 

1 1 . Arthan and Kurn are analogous art because they are from the same field of 
endeavor, cryptography. At the time of the invention, it would have been obvious to one 
of ordinary skill in the art, having the teachings of Arthan and Kurn before him or her, to 
modify the system of Arthan to include the key split of Kurn. The suggestion/motivation 
for doing so would have been so that no one individual can produce the key (paragraph 
27). 

12. Referring to claims 3, 16, and 24, Arthan teaches using the second private key 
independent of the first private key for authentication (column 4, lines 20-23). Kurn 
teaches re-creating the private key using at least some shares of the plurality of shares 
(paragraphs 27 and 103). Arthan and Kurn are analogous art because they are from the 
same field of endeavor, cryptography. At the time of the invention, it would have been 
obvious to one of ordinary skill in the art, having the teachings of Arthan and Kurn 
before him or her, to modify the system of Arthan to include the key split of Kurn. The 
suggestion/motivation for doing so would have been so that no one individual can 
produce the key (paragraph 27). 

1 3. Referring to claims 5 and 1 7, Arthan teaches: 
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m. Creating a third private key associated with the second private key, and 
creating a third public key corresponding to the third private key (column 5, lines 
12-14). 

n. Outputting the third public key to the verifier (column 5, lines 12-14). 

14. Referring to claim 6, Arthan teaches: 

o. Outputting the third private key (column 4, lines 30-32). 

p. Using the third private key for authentication (column 4, lines 20-23). 

15. Kurn teaches: 

q. Outputting the key as a plurality of shares such that it can be recreated 
(paragraph 89). 

r. Recreating the private key using at least some of the plurality of shares 
(paragraph 27). 

16. Arthan and Kurn are analogous art because they are from the same field of 
endeavor, cryptography. At the time of the invention, it would have been obvious to one 
of ordinary skill in the art, having the teachings of Arthan and Kurn before him or her, to 
modify the system of Arthan to include the key split of Kurn. The suggestion/motivation 
for doing so would have been so that no one individual can produce the key (paragraph 
27). 

17. Referring to claim 7, Arthan teaches that the second private and public keys are 
created independently from the first private and public keys (column 4, lines 25-26). 

18. Referring to claims 8 and 18, Arthan teaches: 
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s. Creating a third private key associated with the second key and creating a 
third public key corresponding to the third private key (column 5, lines 12-14). 
t. Creating a fourth private key associated with the third private key and 
creating a fourth public key corresponding to the fourth private key (column 4, 
lines 25-30). 

u. Outputting the third and fourth public keys (column 4, lines 18-20). 

1 9. Arthan fails to teach transmitting a plurality of shares of the private key to a 
plurality of different entities such that it can be recreated. However, Kurn teaches that 
the protection key is split among multiple individuals (paragraph 89). Arthan and Kurn 
are analogous art because they are from the same field of endeavor, cryptography. At 
the time of the invention, it would have been obvious to one of ordinary skill in the art, 
having the teachings of Arthan and Kurn before him or her, to modify the system of 
Arthan to include the key split of Kurn. The suggestion/motivation for doing so would 
have been so that no one individual can produce the key (paragraph 27). 

20. Referring to claim 9, Arthan teaches: 

v. Disabling use of the second private key for authentication (column 4, lines 
20-23). 

w. Using the third private key for authentication (column 4, lines 20-23). 

x. Accessing the fourth private key (column 4, lines 20-23). 

y. Using the fourth private key for authentication (column 4, lines 20-23). 

21 . Arthan fails to teach recreating the fourth private key. However, Kurn teaches 
using the shares to recreate the key (paragraph 27). Arthan and Kurn are analogous art 
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because they are from the same field of endeavor, cryptography. At the time of the 
invention, it would have been obvious to one of ordinary skill in the art, having the 
teachings of Arthan and Kurn before him or her, to modify the system of Arthan to 
include the key split of Kurn. The suggestion/motivation for doing so would have been 
so that no one individual can produce the key (paragraph 27). 

22. Referring to claims 11,19, and 26, Arthan discloses: 

z. Receiving a first public key (column 4, lines 18-20). 
aa. Receiving a second public key, the second public key associated with the 
first public key (column 4, lines 18-20), wherein the second public key has a 
corresponding second private key that can be used when there is no access to a 
first private key corresponding to the first public key wherein the first private key 
is disabled when the second private key is recreated and used for authentication 
(column 4, lines 25-32). 

bb. Using the first public key for authentication (column 5, lines 1 2-1 4). 
cc. Using the second public key for authentication if the first public key fails 
(column 5, lines 12-14). 

23. Arthan fails to teach transmitting a plurality of shares of the private key to a 
plurality of different entities such that it can be recreated while the private key is not 
stored on the device. However, Kurn teaches that the protection key is split among 
multiple individuals (paragraph 89) and that after the key is encoded, the protection key 
is erased from the computer memory (paragraph 102). Arthan and Kurn are analogous 
art because they are from the same field of endeavor, cryptography. At the time of the 
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invention, it would have been obvious to one of ordinary skill in the art, having the 
teachings of Arthan and Kurn before him or her, to modify the system of Arthan to 
include the key split of Kurn. The suggestion/motivation for doing so would have been 
so that no one individual can produce the key (paragraph 27). 

24. Arthan in view of Kurn fails to teach a mobile user device. However, Hansmann 
teaches authenticating devices, the devices including mobile phones (paragraphs 27- 
28). Arthan in view of Kurn and Hansmann are analogous art because they are from the 
same field of endeavor, cryptography. At the time of the invention, it would have been 
obvious to one of ordinary skill in the art, having the teachings of Arthan in view of Kurn 
and Hansmann before him or her, to modify the system of Arthan in view of Kurn to 
include the mobile phone of Hansmann. The suggestion/motivation for doing so would 
have been mobile phones are well known devices used for communication. 

25. Referring to claims 12, 20 and 27, Arthan teaches receiving a third public key 
from the device, the third public key associated with the second public key (column 5, 
lines 12-14), if the first public key fails and the second key results in successful 
authentication (column 4, lines 20-23). 

26. Referring to claims 13, 21 , and 28, Arthan teaches a third public key and a fourth 
public key from the device (column 5, lines 12-14), if the first public key fails and if the 
second public key results in a successful authentication, wherein the third and fourth 
public keys are associated with the second key (column 4, lines 20-26). 

27. Referring to claim 51 , Arthan teaches: 
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dd. A receiver configured to receive a first public key from a device and 
receiving a second public key from the device, the second public key associated 
with the first public key, wherein the second public key has a corresponding 
second private key that can be used when there is no access to a first private key 
corresponding to a first public key, wherein the first private key is disabled when 
the second private key is recreated and used for authentication (column 4, lines 
15-30). 

ee. A storage medium coupled to the receiver configured to store the first and 
second public keys (column 4, lines 18-20). 

ff. A processor coupled to the receiver and the storage medium, the 
processor configured to use the first public key for authentication, the processor 
configured to use the second public key for authentication if the first public key 
fails (column 4, lines 18-20). 
28. Arthan fails to teach transmitting a plurality of shares of the private key to a 
plurality of different entities such that it can be recreated while the private key is not 
stored on the device. However, Kurn teaches that the protection key is split among 
multiple individuals (paragraph 89) and that after the key is encoded, the protection key 
is erased from the computer memory (paragraph 102). Arthan and Kurn are analogous 
art because they are from the same field of endeavor, cryptography. At the time of the 
invention, it would have been obvious to one of ordinary skill in the art, having the 
teachings of Arthan and Kurn before him or her, to modify the system of Arthan to 
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include the key split of Kurn. The suggestion/motivation for doing so would have been 
so that no one individual can produce the key (paragraph 27). 

29. Arthan in view of Kurn fails to teach a mobile user device. However, Hansmann 
teaches authenticating devices, the devices including mobile phones (paragraphs 27- 
28). Arthan in view of Kurn and Hansmann are analogous art because they are from the 
same field of endeavor, cryptography. At the time of the invention, it would have been 
obvious to one of ordinary skill in the art, having the teachings of Arthan in view of Kurn 
and Hansmann before him or her, to modify the system of Arthan in view of Kurn to 
include the mobile phone of Hansmann. The suggestion/motivation for doing so would 
have been mobile phones are well known devices used for communication. 

30. Referring to claims 53 - 55, Arthan teaches the second private key is removed 
from the user device upon transmission of the second private key (column 4, lines 30- 
32). 

31 . Arthan fails to teach transmitting a plurality of shares of the private key to a 
plurality of different entities such that it can be recreated while the private key is not 
stored on the device. However, Kurn teaches that the protection key is split among 
multiple individuals (paragraph 89) and that after the key is encoded, the protection key 
is erased from the computer memory (paragraph 102). Arthan and Kurn are analogous 
art because they are from the same field of endeavor, cryptography. At the time of the 
invention, it would have been obvious to one of ordinary skill in the art, having the 
teachings of Arthan and Kurn before him or her, to modify the system of Arthan to 
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include the key split of Kurn. The suggestion/motivation for doing so would have been 
so that no one individual can produce the key (paragraph 27). 

32. Claims 10 and 15 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Arthan in view of Kurn in view of Hansmann as applied above, and further in view 
of Official Notice. Referring to claim 10, Arthan in view of Kurn in view of Hansmann 
discloses all the limitations of the parent claim. Arthan in view of Kurn in view of 
Hansmann does not explicitly disclose preventing retransmission of the second private 
key. However, Arthan teaches that the key is encrypted and stored securely (column 5, 
lines 26-28) and that it should be held securely after generation (column 4, lines 30-31 ). 
The examiner takes official notice that it would have been obvious, to one of ordinary 
skill in the art at the time of invention, to prevent retransmission of the key since keeping 
the key stored securely is important and that retransmission would expose the key to 
more vulnerabilities. 

33. Referring to claim 15, Kurn teaches: 

gg. Creating at least two shares of the second private key at the device 
(paragraph 89). 

hh. Outputting each share to a different entity (paragraph 89). 

34. Arthan and Kurn are analogous art because they are from the same field of 
endeavor, cryptography. At the time of the invention, it would have been obvious to one 
of ordinary skill in the art, having the teachings of Arthan and Kurn before him or her, to 
modify the system of Arthan to include the key split of Kurn. The suggestion/motivation 
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for doing so would have been so that no one individual can produce the key (paragraph 
27). 

35. Arthan in view of Sudia does not explicitly disclose subsequent outputting of the 
key is prevented. However, Arthan teaches that the key is encrypted and stored 
securely (column 5, lines 26-28) and that it should be held securely after generation 
(column 4, lines 30-31). The examiner takes official notice that it would have been 
obvious, to one of ordinary skill in the art at the time of invention, to prevent 
retransmission of the key since keeping the key stored securely is important and that 
retransmission would expose the key to more vulnerabilities. 

36. Claims 57 - 68 are rejected under 35 U.S.C. 1 03(a) as being unpatentable over 
Arthan et al's US Patent 6,782,103 B1, and further in view of Sudia US Patent 
6,009,177. 

37. Referring to claims 57, 61 and 65, Arthan teaches: 

ii. Retrieving a second private key at a mobile user device that has no 
access to a first private key associated with the second private key (column 5, 
lines 12-14). 

jj. Creating a third private key and a corresponding third public key (column 
5, lines 12-14). 

kk. Using the second private key for authentication (column 4, lines 20-23). 

38. Sudia teaches re-creating the private key using at least some shares of the 
plurality of shares (column 31 , lines 45-55). At the time of the invention, it would have 
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been obvious to one of ordinary skill in the art, having the teachings of Arthan and Sudia 
before him or her, to modify the system of Arthan to include the private key distribution 
of Sudia. The suggestion/motivation for doing so would have been that it is desirable to 
have the key split among multiple key escrow agents to enhance user and public trust in 
the system (column 20, lines 66-column 21 , line 4). 

39. Referring to claim 58, 62 and 66, Sudia teaches recreating the second private 
key at a mobile user device different from a mobile user device that created the first 
private key and second private key (column 7, lines 8-1 1 ). At the time of the invention, it 
would have been obvious to one of ordinary skill in the art, having the teachings of 
Arthan and Sudia before him or her, to modify the system of Arthan to include the 
private key distribution of Sudia. The suggestion/motivation for doing so would have 
been that it is desirable to have the key split among multiple key escrow agents to 
enhance user and public trust in the system (column 20, lines 66-column 21, line 4). 

40. Referring to claims 59, 63, and 67, Arthan teaches: 

II. Outputting the third private key while retaining the second private key 
(column 4, lines 30-32). 

mm. Transmitting the third public key to the verifier device (column 4, lines 18- 
20). 

41 . Sudia teaches outputting the key as a plurality of shares such that it can be 
recreated (column 18, lines 12-14). The suggestion/motivation for doing so would have 
been that it is desirable to have the key split among multiple key escrow agents to 
enhance user and public trust in the system (column 20, lines 66-column 21, line 4). 
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42. Referring to claims 60, 64, and 68, Arthan teaches: 

nn. Creating a fourth private key and a corresponding fourth public key 
(column 4, lines 25-30). 

oo. Outputting the fourth private key while retaining the third private key (4, 
lines 30-32). 

pp. Outputting the third and fourth public keys (column 4, lines 18-20). 

43. Arthan fails to teach outputting the fourth private key as a plurality of shares such 
that it can be recreated. However, Sudia teaches breaking the key into several key 
splits, and escrowing the key with more than one escrow agent (column 18, lines 12- 
14). The suggestion/motivation for doing so would have been that it is desirable to have 
the key split among multiple key escrow agents to enhance user and public trust in the 
system (column 20, lines 66-column 21 , line 4). 



Conclusion 

7. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See M PEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
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shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Cordelia Zecher whose telephone number is (571)272- 
7771 . The examiner can normally be reached on Monday - Thursday 8:00 - 5:00 EST. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 571-272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/C. Z.I 

Examiner, Art Unit 2432 
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/Benjamin E Lanier/ 

Primary Examiner, Art Unit 2432 



